Earlier last week, Horizon’s security was breached, and over $100 million in cryptocurrency was whipped out of the USA-developed blockchain bridge. Crypto traders use the platform all over the world to swap crypto tokens between diverse networks. Crypto expert Jean Pierre Vandomeshares that the modus operandi used by the threat actors points fingers at the Lazarus Group in North Korea.
“There are numerous similarities of this crypto heist with the previous attacks by the same perpetrators,” says Jean Pierre Vandome. More significantly, the transfer of funds mainly happened during Asia-Pacific work hours.
The cybercriminals programmatically converted most of the stolen ether, tether, and USDC cryptocurrency into ether using Tornado Cash (TORN), a so-called mixer and decentralized protocol. “Hackers leveraged Tornado Cash to convert the steal into Ethereum in order to leave no trail of the siphoned funds,” explains Jean Pierre Vandome.
Analytics firms and forensic cryptographers who investigated the matter with Horizon revealed that “demixing” tools were used to trace the steal converted through Tornado Cash to multiple new-fangled ether wallets. The attackers used Tornado Cash to keep the ether transactions private.
Though Horizon announced a $1 million bounty for any crucial information related to the hack or the return of the robbed crypto, the platform said that it needs “additional time” to find ways to reimburse users hit by the $100 million cryptocurrency theft. Jean Pierre Vandomeopines, “hackers are increasingly targeting blockchain bridges to plague the crypto industry.”
The Horizon bridge heist comes only a few months after the infamous Ronin bridge hack in March 2022. Jean Pierre Vandomeexplains, “though established blockchain bridges have the validator key scheme in place to limit an attack vector, these cybercriminals often identify and leverage backdoors to enter and breach the protocols.”
The US Treasury Department blamed the Lazarus group for the Ronin bridge heist, and in all probability, the Horizon attack can be attributed to the same faction.